[SECURITY] [DLA 2877-1] gdal security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 2877-1] gdal security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Wed, 12 Jan 2022 13:17:15 +0100 (CET)
Message-id: <[🔎] 20220112121715.890A82A477D@andromeda>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2877-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
January 12, 2022                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : gdal
Version        : 2.1.2+dfsg-5+deb9u1
CVE ID         : CVE-2019-17545 CVE-2021-45943

Two issues were found in GDAL, a geospatial library, that could lead to
denial of service via application crash or possibly the execution of
arbitrary code if maliciously crafted data was parsed.

For Debian 9 stretch, these problems have been fixed in version
2.1.2+dfsg-5+deb9u1.

We recommend that you upgrade your gdal packages.

For the detailed security status of gdal please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/gdal

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmHexssACgkQnUbEiOQ2
gwI1Nw/+JSslDolLPaqooDp1Q9QuswYrOy15pWiVv9R9wu/3Cu7oTRCMoxTcZZXS
opKd15uC9iVczC0FnejfsrpNx9KdtiBMZwmxXmrkyeaSqh9BMc4Q9m8Kzm33261u
Rke/v+ePO3B5fGQWd03lGuXAcq9HNTovyRhXv27qr3u0NdWnM3LVtbAVNt0tfD7A
1h7C1PQgwl7dBd62S4MsDINS3nfSZVkoKRg2zjGBb5ouaRITO+XiMlKo1cQIfzi+
j881Bi/4t3YUnYO3BFwvIwN+at7sQ7/1iqsinbjp0+rLTm+egVqtrMYtGDYo6d1E
t3VGUI0FSjjSkClNoxs4J5jPwH3KYlEiTATxjE8LL0TyyrocpGxNH+9N8KN7dRRJ
tcWii5AbKWGeCuUcMvgGbmT0aL8iyEAoEoM28l66r6BvSjdJlDg9d8lv4MB6nzS/
cgZWL5F5E4yoQqflXyaBsOG81G1eZ2qWp414mLK9Pafup4zEbeJek1U5WymAkDBl
dajzgVD3Db55WfBlGhA3KiwQuLeaRZIh/qeY488B1igN1ghFCr5uvYwuLyu4Gw52
csVERiUndpXIqlsl5X9t5M6NE3PLUnR0lPNhWyGsU+HYrymvdNRHSJ0PCuEi6Flq
CzXpxcYW1Fbm0jr0ERbi2ufkLaLEg3/Kp+PhTjJw+5fQI0gqWCc=
=D12o
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2876-1] vim security update
Next by Date: [SECURITY] [DLA 2878-1] roundcube security update
Previous by thread: [SECURITY] [DLA 2876-1] vim security update
Next by thread: [SECURITY] [DLA 2878-1] roundcube security update
Index(es):
- Date
- Thread